Page 1 of 2
apt update error - librewolf
Posted: Sun Dec 15, 2024 7:24 pm
by towwire
Code: Select all
apt update
Hit:1 http://security.debian.org/debian-security bullseye-security InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists... Done
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
No updates available
(0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.)
Press any key to close...
Code: Select all
Snapshot created on: 20220315_1001
System: Kernel: 5.10.0-33-amd64 [5.10.226-1] x86_64 bits: 64 compiler: gcc v: 10.2.1
parameters: BOOT_IMAGE=/boot/vmlinuz-5.10.0-33-amd64 root=UUID=<filter> ro quiet splash
Desktop: Xfce 4.18.1 tk: Gtk 3.24.24 info: xfce4-panel wm: xfwm 4.18.0 vt: 7
dm: LightDM 1.26.0 Distro: MX-21.3_x64 Wildflower October 20 2021
base: Debian GNU/Linux 11 (bullseye)
Machine: Type: Desktop System: Gigabyte product: N/A v: N/A serial: <filter> Chassis: type: 3
serial: <filter>
Mobo: Gigabyte model: F2A88X-UP4 v: x.x serial: <filter> UEFI: American Megatrends
v: F8a date: 12/14/2015
CPU: Info: Quad Core model: AMD A10-7850K Radeon R7 12 Compute Cores 4C+8G bits: 64
type: MCP arch: Steamroller family: 15 (21) model-id: 30 (48) stepping: 1
microcode: 6003106 cache: L2: 2 MiB
flags: avx lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 29549
Speed: 1939 MHz min/max: 1700/3700 MHz boost: enabled Core speeds (MHz): 1: 1939
2: 2386 3: 1840 4: 1836
Vulnerabilities: Type: gather_data_sampling status: Not affected
Type: itlb_multihit status: Not affected
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: mmio_stale_data status: Not affected
Type: reg_file_data_sampling status: Not affected
Type: retbleed mitigation: untrained return thunk; SMT vulnerable
Type: spec_rstack_overflow status: Not affected
Type: spec_store_bypass
mitigation: Speculative Store Bypass disabled via prctl and seccomp
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2
mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected
Type: srbds status: Not affected
Type: tsx_async_abort status: Not affected
Graphics: Device-1: AMD Kaveri [Radeon R7 Graphics] vendor: Gigabyte driver: radeon v: kernel
alternate: amdgpu bus-ID: 00:01.0 chip-ID: 1002:130f class-ID: 0300
Display: x11 server: X.Org 1.20.11 compositor: xfwm4 v: 4.18.0 driver:
loaded: ati,radeon unloaded: fbdev,modesetting,vesa display-ID: :0.0 screens: 1
Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x285mm (20.0x11.2")
s-diag: 582mm (22.9")
Monitor-1: HDMI-0 res: 1920x1080 dpi: 82 size: 598x336mm (23.5x13.2") diag: 686mm (27")
OpenGL: renderer: AMD KAVERI (DRM 2.50.0 5.10.0-33-amd64 LLVM 11.0.1)
v: 4.5 Mesa 20.3.5 direct render: Yes
Audio: Device-1: AMD Kaveri HDMI/DP Audio vendor: Gigabyte driver: snd_hda_intel v: kernel
bus-ID: 00:01.1 chip-ID: 1002:1308 class-ID: 0403
Device-2: AMD FCH Azalia vendor: Gigabyte driver: snd_hda_intel v: kernel
bus-ID: 00:14.2 chip-ID: 1022:780d class-ID: 0403
Sound Server-1: ALSA v: k5.10.0-33-amd64 running: yes
Sound Server-2: PulseAudio v: 14.2 running: yes
Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Gigabyte
driver: r8169 v: kernel port: e000 bus-ID: 01:00.0 chip-ID: 10ec:8168 class-ID: 0200
IF: eth0 state: up speed: 1000 Mbps duplex: full mac: <filter>
Drives: Local Storage: total: 2.81 TiB used: 265.59 GiB (9.2%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/sda maj-min: 8:0 vendor: Seagate model: ST2000DM001-1CH164 size: 1.82 TiB
block-size: physical: 4096 B logical: 512 B speed: 6.0 Gb/s type: HDD rpm: 7200
serial: <filter> rev: CC27 scheme: GPT
ID-2: /dev/sdb maj-min: 8:16 vendor: Silicon Power model: SPCC Solid State Disk
size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s type: SSD
serial: <filter> rev: 4A0 scheme: GPT
ID-3: /dev/sdc maj-min: 8:32 type: USB vendor: SMI (STMicroelectronics) model: USB DISK
size: 58.59 GiB block-size: physical: 512 B logical: 512 B type: N/A serial: <filter>
rev: 1100 scheme: MBR
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?
Partition: ID-1: / raw-size: 30.5 GiB size: 29.85 GiB (97.87%) used: 14.04 GiB (47.0%) fs: ext4
dev: /dev/sdb2 maj-min: 8:18
ID-2: /boot/efi raw-size: 512 MiB size: 511 MiB (99.80%) used: 288 KiB (0.1%) fs: vfat
dev: /dev/sdb1 maj-min: 8:17
ID-3: /home raw-size: 30.5 GiB size: 29.85 GiB (97.87%) used: 20.26 GiB (67.9%)
fs: ext4 dev: /dev/sdb3 maj-min: 8:19
Swap: Kernel: swappiness: 15 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 2 GiB used: 0 KiB (0.0%) priority: -2 dev: /dev/sda1
maj-min: 8:1
Sensors: System Temperatures: cpu: 35.0 C mobo: N/A gpu: radeon temp: 15.0 C
Fan Speeds (RPM): cpu: 2360 fan-2: 648 fan-3: 0 fan-4: 0 fan-5: 0
Power: 12v: N/A 5v: N/A 3.3v: N/A vbat: 3.17
Repos: Packages: 2379 note: see --pkg apt: 2373 lib: 1222 flatpak: 6
No active apt repos in: /etc/apt/sources.list
Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list
1: deb http://deb.debian.org/debian/ bullseye-updates main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/debian.list
1: deb http://deb.debian.org/debian/ bullseye main contrib non-free
2: deb http://security.debian.org/debian-security/ bullseye-security main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/mx.list
1: deb http://la.mxrepo.com/mx/repo/ bullseye main non-free
Active apt repos in: /etc/apt/sources.list.d/extrepo_librewolf.sources
1: deb [arch=amd64 arm64] https://repo.librewolf.net librewolf main
Info: Processes: 250 Uptime: 5d 24m wakeups: 1 Memory: 30.31 GiB used: 4.68 GiB (15.4%)
Init: SysVinit v: 2.96 runlevel: 5 default: 5 tool: systemctl Compilers: gcc: 10.2.1
alt: 10 Client: shell wrapper v: 5.1.4-release inxi: 3.3.06
Boot Mode: UEFI
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 7:33 pm
by siamhie
This has been brought up before.
Installation instructions for Debian
https://librewolf.net/installation/debian/
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 8:28 pm
by towwire
I have been using it for a long time, not just installed. As you can see from my history, it was update on 2024-12-13 05:19:12 just by checking for updates as I do each morning before starting any browser.
Code: Select all
2024-12-13 05:19:12 upgrade librewolf amd64 133.0-3 133.0.3-1
2024-12-13 05:13:24 upgrade freetube amd64 0.22.0 0.22.1
That did not work. I got this.
Code: Select all
towwire@mx:~
$ sudo apt update && sudo apt install extrepo -y
Hit:1 http://security.debian.org/debian-security bullseye-security InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
extrepo is already the newest version (0.8).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
towwire@mx:~
$ sudo extrepo enable librewolf
Configuration enabled.
Note that configuration for this repository already existed; it was enabled, but not updated.
For updates, see the update command.towwire@mx:~
$ sudo apt update
Hit:1 http://security.debian.org/debian-security bullseye-security InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
towwire@mx:~
This is the latest right click 'Check for updates'.
Code: Select all
apt update
Hit:1 http://security.debian.org/debian-security bullseye-security InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists... Done
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
No updates available
(0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.)
Press any key to close...
This error comes from just doing a normal 'Check for updates'. I even did a MX fix GPG keys.
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 8:35 pm
by fehlix
MXPI->Browser->Librewolf -> reinstall should fix it, and should install new extrepo based repo-line.
No other manual intervention needed.
Ah. you have bullseye not bookworm... hmme have not tested on bullseye.
Perhap just remove all librewolf.list / librewolf.sources repos and install again from MXPI.
If still not, try manually, what MXPI is now doing:
and
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 9:04 pm
by fehlix
towwire wrote: Sun Dec 15, 2024 7:24 pm
Code: Select all
apt update
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists... Done
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
It's actually not an repo-key issue. The HTTS certificatate was just renewed by Let's Encrypte. So a network/certificate issue.
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 9:09 pm
by towwire
fehlix wrote: Sun Dec 15, 2024 8:35 pm
MXPI->Browser->Librewolf -> reinstall should fix it, and should install new extrepo based repo-line.
No other manual intervention needed.
Ah. you have bullseye not bookworm... hmme have not tested on bullseye.
Perhap just remove all librewolf.list / librewolf.sources repos and install again from MXPI.
If still not, try manually, what MXPI is now doing:
and
Nope
MXPI reinstall librewolf
Code: Select all
Hit:1 http://deb.debian.org/debian bullseye-updates InRelease
Hit:2 http://security.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Reading package lists...
Hit:1 http://deb.debian.org/debian bullseye-updates InRelease
Hit:2 http://security.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
extrepo is already the newest version (0.8).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Hit:1 http://deb.debian.org/debian bullseye-updates InRelease
Hit:2 http://security.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists...
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
Reinstallation of librewolf is not possible, it cannot be downloaded.
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
And then did this.
Code: Select all
towwire@mx:~
$ sudo extrepo enable librewolf
[sudo] password for towwire:
Configuration enabled.
Note that configuration for this repository already existed; it was enabled, but not updated.
For updates, see the update command.towwire@mx:~
$ sudo apt update
Hit:1 http://deb.debian.org/debian bullseye-updates InRelease
Hit:2 http://security.debian.org/debian-security bullseye-security InRelease
Hit:3 http://deb.debian.org/debian bullseye InRelease
Hit:4 http://la.mxrepo.com/mx/repo bullseye InRelease
Err:5 https://repo.librewolf.net librewolf InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
1 package can be upgraded. Run 'apt list --upgradable' to see it.
W: Failed to fetch https://repo.librewolf.net/dists/librewolf/InRelease Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 207.211.187.177 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
towwire@mx:~
$
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 9:19 pm
by fehlix
yes, there two encryptions/certificates involved:
1: https
and
2: repo-archive signature verification, performed by apt.
And this is a https cert error you are facing.
Perhaps check whether you can manually download, to confirm you get also a cert-error:
Code: Select all
curl -RLJO https://repo.librewolf.net/dists/librewolf/InRelease
and also check with a browser to open
https://repo.librewolf.net/dists/librewolf/
++EDIT+++
and until this https cert issue not solved on the network layer, you may just turn off the repo with
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 9:20 pm
by Stevo
I may have figured out how to have the OBS build librewolf packages that I can take for the MX repo...except for the armhf builds that are still busted there.
I've loaded the sources in there, let's see how much smoke comes out.
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 9:33 pm
by towwire
fehlix wrote: Sun Dec 15, 2024 9:19 pm
yes, there two encryptions/certificates involved:
1: https
and
2: repo-archive signature verification, performed by apt.
And this is a https cert error you are facing.
Perhaps check whether you can manually download, to confirm you get also a cert-error:
Code: Select all
curl -RLJO https://repo.librewolf.net/dists/librewolf/InRelease
and also check with a browser to open
https://repo.librewolf.net/dists/librewolf/
Browser said untrusted connection. If I disregard then this.
Screenshot_2024-12-15_18-28-25.png
And this
Code: Select all
towwire@mx:~
$ curl -RLJO https://repo.librewolf.net/dists/librewolf/InRelease
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
towwire@mx:~
Re: apt update error - librewolf
Posted: Sun Dec 15, 2024 10:41 pm
by Stevo
Ehhh-not working-get an incomprehensible compiler error:
Code: Select all
[ 1313s] /usr/src/packages/BUILD/build-browser/dist/include/mozilla/dom/TypedArray.h:974:64: error: no matching function for call to 'mozilla::dom::binding_detail....
and so on for ages.